How to publish Local Apps with ZTNA

Hi Sophos Community,

I'm trialling ZTNA with a view to have it replace the classic SSL VPN experience for the majority of our userbase.

I've created some Web Applications that are accessed as an Agentless resource. These work entirely as expected.

I'd like to push some Local Apps, accessed by the ZTNA Agent as part of the Endpoint installation package.

These are apps used by specific people in the org that are typically in use by staff by way of a local app and an SSL VPN connection.

I am hoping to have these apps removed from their local device but accessed by the ZTNA gateway. According to Sophos documentation I see the term 'Local Apps' as a supported resource type, but can't see how these would be accessed. The Add resource wizard doesn't make this clear, nor is there any documentation outlining an example to use as a reference.

Has anyone gone through this process and can give some insight?

Many Thanks

  • You have agentless and agent-based resources. 

    Agent-based works with an internal DNS service on the endpoint: you can use an external FQDN (which the client opens in his browser) and then you use an internal FQDN, which the GW/firewall tries to reach. 

    Agentless means you have to create the resource on your DNS server, so the client is looking for it and it will be redirected to Sophos. Sophos then searches for the internal FQDN. 

    Overall: There is no problem in using: Internal == external FQDN. 


  • Hi LuCar,

    Thanks, I think I understand the differences there. I suspect I don't understand or have misinterpreted what Sophos Central / ZTNA considers to be a Local App.

    The only options I have are SSH, CIFS, RDP, or OTHER. If I wanted to publish a desktop app, an executable for instance, how would / can this be achieved using ZTNA?

    Otherwise, what kind of apps qualify as 'OTHER'?

    What kind of App can be published under other? How would I publish a local app using the Agent resource? Are there any reference materials that explain this?
